Linux based android container platform, device equipped with the same and method for apply security system in Linux based android container environment
Abstract
A system for running a Linux based Android container platform with a processor and a memory is disclosed. The system includes a Linux host, an Android container which runs on the Linux host, and an integrated security module including a Linux security module having a Linux policy of a process running on the Linux host, and an Android security module having an Android policy of a process running on the Android container. The integrated security module is mounted in a directory shared between the Linux host and the Android container and the integrated security module overwrites a pre-existing Linux security module.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. A system for running a Linux based Android container platform with a processor and a memory, the system comprising:
a Linux host;
an Android container which runs on the Linux host; and
an integrated security module including,
a Linux security module having a Linux policy of a process running on the Linux host, and
an Android security module having an Android policy of a process running on the Android container,
wherein the integrated security module is mounted in a directory shared between the Linux host and the Android container and the integrated security module overwrites a pre-existing Linux security module.
2. The system of claim 1 , wherein the Android container shares kernel and device with the Linux host.
3. The system of claim 1 , wherein the Android container mounts process (proc) and system (sys) directory of the Linux host in a Root File System of the Android container.
4. The system of claim 1 , wherein the integrated security module overwrites the pre-existing Linux security module, when the Android container runs on the Linux host.
5. The system of claim 1 , wherein the integrated security module assigns context to a file, user, and process.
6. The system of claim 5 , wherein the integrated security module includes a policy that specifies rules between the contexts.
7. The system of claim 6 , wherein the integrated security module performs system access control according to the policy that specifies rules between the contexts.
8. The system of claim 1 , wherein the integrated security module includes the Linux security module and a lightweight Android security module which allows the Linux security module to be applied to an Android framework.
9. A device equipped with the Linux based Android container platform, the device comprising:
a processor and a memory;
a Linux host;
an Android container which runs on the Linux host; and
an integrated security module including,
a Linux security module including a Linux policy of a process running on the Linux host, and
an Android security module including an Android policy of a process running on the Android container,
wherein the integrated security module is mounted in a directory shared between the Linux host and the Android container and the integrated security module overwrites a pre-existing Linux security module.
10. A method for applying a security system in a Linux based Android container environment in which an Android container runs on a Linux host, the method comprising:
generating an integrated security module including a Linux security module having a Linux policy of a process running on the Linux host and an Android security module having an Android policy of a process running on the Android container;
mounting the integrated security module in a directory shared between the Linux host and the Android container; and
overwriting a pre-existing Linux security module with the integrated security module.
11. The method of claim 10 , wherein the step of overwriting allows the integrated security module to overwrite the directory in which the Linux security module is mounted on the Linux host, when the Android container runs on the Linux host.
12. The method of claim 10 , wherein the step of overwriting allows the integrated security module to overwrite the directory in which the Linux security module is mounted on the Linux host, when the Android container runs on the Linux host by mounting process (proc) and system (sys) directory of the Linux host in a Root File System of the Android container.
13. The method of claim 10 , wherein the step of generating comprises generating the integrated security module which assigns context to a file, user and process, wherein the integrated security module includes a policy that specifies rules between the contexts.
14. The method of claim 10 , wherein the step of generating comprises generating the integrated security module which performs system access control of the Linux host.
15. The method of claim 14 , wherein the step of generating comprises generating the integrated security module which performs access control of an app installed on Android.Join the waitlist — get patent alerts
Track US10482267B2 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.